<?php

 function getConn(){
	 try {
         //连接数据库 参数四（持久连接）：array(PDO::ATTR_PERSISTENT => true)
         $conn = new PDO("mysql:host=localhost;port=3306;dbname=blog202");
         //设置字符集
         $conn->query("set names utf8");
		 $reslut = $sql->query($selector);
		 $data = array();
		 while ($tmp = $reslut->fetch_assoc()){
			 $data[] = $tmp;
		 }
		 $re = array(
			"data"=>$data
		 );
		 return $conn;
		 
		 }catch (PDOException $ex){
			 exit("不能连接数据库".$ex);
		 }
}
	 
	 $conn = getConn();
     $username = 'admin';
     $password = "2454145454' or '1'='1'";
     
     $sql = "select * from users where username=:username and password=:password";
     
     $stmt = $conn ->prepare($sql);
     
     $stmt->bindParam(":username",$username);
     $stmt->bindParam(":password",$password);
      
     $stmt->execute();
     
     $row = $stmt->fetch();
     		 
	 if($row){
		 echo"用户名：". $row['username']. " 密码：".$row['password']."</br>";
	 }else{
		 echo"该用户不存在";
	 }

     
		 
		 